diff options
author | djm@openbsd.org <djm@openbsd.org> | 2023-01-15 23:05:32 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2023-01-16 10:57:41 +1100 |
commit | 9fbbfeca1ce4c7ec0001c827bbf4189a3ba0964b (patch) | |
tree | a22178744edf9d2a85d8c1af3b9032cf91e51729 /ed25519.sh | |
parent | 6283f4bd83eee714d0f5fc55802eff836b06fea8 (diff) | |
download | openssh-git-9fbbfeca1ce4c7ec0001c827bbf4189a3ba0964b.tar.gz |
upstream: update OpenSSH's Ed25519 code to the last version of SUPERCOP
(20221122) and change the import approach to the same one we use for
Streamlined NTRUPrime: use a shell script to extract the bits we need from
SUPERCOP, make some minor adjustments and squish them all into a single file.
ok tb@ tobhe@
OpenBSD-Commit-ID: 1bc0fd624cb6af440905b8ba74ac7c03311b8e3b
Diffstat (limited to 'ed25519.sh')
-rw-r--r-- | ed25519.sh | 119 |
1 files changed, 119 insertions, 0 deletions
diff --git a/ed25519.sh b/ed25519.sh new file mode 100644 index 00000000..8722338d --- /dev/null +++ b/ed25519.sh @@ -0,0 +1,119 @@ +#!/bin/sh +# $OpenBSD: ed25519.sh,v 1.1 2023/01/15 23:05:32 djm Exp $ +# Placed in the Public Domain. +# +AUTHOR="supercop-20221122/crypto_sign/ed25519/ref/implementors" +FILES=" + supercop-20221122/crypto_verify/32/ref/verify.c + supercop-20221122/crypto_sign/ed25519/ref/fe25519.h + supercop-20221122/crypto_sign/ed25519/ref/fe25519.c + supercop-20221122/crypto_sign/ed25519/ref/sc25519.h + supercop-20221122/crypto_sign/ed25519/ref/sc25519.c + supercop-20221122/crypto_sign/ed25519/ref/ge25519.h + supercop-20221122/crypto_sign/ed25519/ref/ge25519.c + supercop-20221122/crypto_sign/ed25519/ref/keypair.c + supercop-20221122/crypto_sign/ed25519/ref/sign.c + supercop-20221122/crypto_sign/ed25519/ref/open.c +" +### + +DATA="supercop-20221122/crypto_sign/ed25519/ref/ge25519_base.data" + +set -e +cd $1 +echo -n '/* $' +echo 'OpenBSD: $ */' +echo +echo '/*' +echo ' * Public Domain, Authors:' +sed -e '/Alphabetical order:/d' -e 's/^/ * - /' < $AUTHOR +echo ' */' +echo +echo '#include <string.h>' +echo +echo '#include "crypto_api.h"' +echo +# Map the types used in this code to the ones in crypto_api.h. We use #define +# instead of typedef since some systems have existing intXX types and do not +# permit multiple typedefs even if they do not conflict. +for t in int8 uint8 int16 uint16 int32 uint32 int64 uint64; do + echo "#define $t crypto_${t}" +done +echo +for i in $FILES; do + echo "/* from $i */" + # Changes to all files: + # - inline ge25519_base.data where it is included + # - expand CRYPTO_NAMESPACE() namespacing define + # - remove all includes, we inline everything required. + # - make functions not required elsewhere static. + # - rename the functions we do use. + sed \ + -e "/#include \"ge25519_base.data\"/r $DATA" \ + -e "/#include/d" \ + -e "s/^void /static void /g" \ + -e 's/CRYPTO_NAMESPACE[(]\([a-zA-Z0-9_]*\)[)]/crypto_sign_ed25519_ref_\1/g' \ + $i | \ + case "$i" in + */crypto_verify/32/ref/verify.c) + # rename crypto_verify() to the name that the ed25519 code expects. + sed -e "/^#include.*/d" \ + -e "s/crypto_verify/crypto_verify_32/g" \ + -e "s/^int /static int /g" + ;; + */crypto_sign/ed25519/ref/sign.c) + # rename signing function to the name OpenSSH expects + sed -e "s/crypto_sign/crypto_sign_ed25519/g" + ;; + */crypto_sign/ed25519/ref/keypair.c) + # rename key generation function to the name OpenSSH expects + sed -e "s/crypto_sign_keypair/crypto_sign_ed25519_keypair/g" + ;; + */crypto_sign/ed25519/ref/open.c) + # rename verification function to the name OpenSSH expects + sed -e "s/crypto_sign_open/crypto_sign_ed25519_open/g" + ;; + */crypto_sign/ed25519/ref/fe25519.*) + # avoid a couple of name collions with other files + sed -e "s/reduce_add_sub/fe25519_reduce_add_sub/g" \ + -e "s/ equal[(]/ fe25519_equal(/g" \ + -e "s/^int /static int /g" + ;; + */crypto_sign/ed25519/ref/sc25519.h) + # Lots of unused prototypes to remove + sed -e "s/^int /static int /g" \ + -e '/shortsc25519_from16bytes/d' \ + -e '/sc25519_iszero_vartime/d' \ + -e '/sc25519_isshort_vartime/d' \ + -e '/sc25519_lt_vartime/d' \ + -e '/sc25519_sub_nored/d' \ + -e '/sc25519_mul_shortsc/d' \ + -e '/sc25519_from_shortsc/d' \ + -e '/sc25519_window5/d' + ;; + */crypto_sign/ed25519/ref/sc25519.c) + # Lots of unused code to remove, some name collisions to avoid + sed -e "s/reduce_add_sub/sc25519_reduce_add_sub/g" \ + -e "s/ equal[(]/ sc25519_equal(/g" \ + -e "s/^int /static int /g" \ + -e "s/m[[]/sc25519_m[/g" \ + -e "s/mu[[]/sc25519_mu[/g" \ + -e '/shortsc25519_from16bytes/,/^}$/d' \ + -e '/sc25519_iszero_vartime/,/^}$/d' \ + -e '/sc25519_isshort_vartime/,/^}$/d' \ + -e '/sc25519_lt_vartime/,/^}$/d' \ + -e '/sc25519_sub_nored/,/^}$/d' \ + -e '/sc25519_mul_shortsc/,/^}$/d' \ + -e '/sc25519_from_shortsc/,/^}$/d' \ + -e '/sc25519_window5/,/^}$/d' + ;; + */crypto_sign/ed25519/ref//ge25519.*) + sed -e "s/^int /static int /g" + ;; + # Default: pass through. + *) + cat + ;; + esac | \ + sed -e 's/[ ]*$//' +done |